I previously published a video about rock solid DNS. These are tips to leverage DNSMASQ of the an SD-WAN edge. Most of these settings are applied in the custom settings of DNSMASQ.
Add this to up the cache size from the default of 150:
cache-size=2048
To query DNSMASQ stats use this (where 192.168.0.1 is the DNSMASQ instance):
dig @192.168.0.1 +short chaos txt cachesize.bin dig @192.168.0.1 +short chaos txt hits.bind dig @192.168.0.1 +short chaos txt misses.bindd
To throw the spanner in the works for any private DNS usage (an example is android):
addn-hosts=/etc/ipset-blacklist/custom # custom file contents 192.168.0.1 dns.google 192.168.0.1 dns.google.com 192.168.0.1 one.one.one.one 192.168.0.1 dns9.quad9.net
To disable netflix or any domain:
address=/netflix.com/0.0.0.0 address=/nflxvideo.net.com/0.0.0.0
To block ads, ransomware and other riffraf download this:
addn-hosts=/etc/ipset-blacklist/ultimate
Ronald works connecting Internet inhabiting things at Fusion Broadband.
Comments
Post a Comment